name: passbolt services: passbolt-db: image: mariadb:10.11 container_name: ${CONTAINER_NAME}-db restart: ${RESTART_POLICY} environment: - MYSQL_ROOT_PASSWORD=${DB_MYSQL_ROOT_PASSWORD} - MYSQL_DATABASE=${DB_DATABASE} - MYSQL_USER=${DB_USER} - MYSQL_PASSWORD=${DB_PASSWORD} volumes: - type: bind source: ${DB_PATH} target: /var/lib/mysql bind: create_host_path: true logging: driver: "json-file" options: max-size: "10m" max-file: "3" networks: - internal_net passbolt: image: passbolt/passbolt:latest-ce container_name: ${CONTAINER_NAME} restart: ${RESTART_POLICY} depends_on: - passbolt-db environment: - APP_FULL_BASE_URL=https://${SUBDOMAIN}.${DOMAIN} - DB_HOST=passbolt-db - DB_USER=${DB_USER} - DB_PASSWORD=${DB_PASSWORD} - DB_DATABASE=${DB_DATABASE} - EMAIL_DEFAULT_TRANSPORT=${EMAIL_TRANSPORT} - PASSBOLT_SSL_FORCE=true - PASSBOLT_SECURITY_SSL_PROXY=true - PASSBOLT_EMAIL_VALIDATE_MX=false - PASSBOLT_FORCE_BASE_URL=https://${SUBDOMAIN}.${DOMAIN} volumes: - type: bind source: ${PGP_PATH} target: /etc/passbolt/gpg bind: create_host_path: true - type: bind source: ${JWT_PATH} target: /etc/passbolt/jwt bind: create_host_path: true logging: driver: "json-file" options: max-size: "10m" max-file: "3" networks: - traefik - internal_net labels: - "traefik.enable=true" - "traefik.http.routers.${ROUTER_NAME}.rule=Host(`${SUBDOMAIN}.${DOMAIN}`)" - "traefik.http.routers.${ROUTER_NAME}.entrypoints=websecure" - "traefik.http.routers.${ROUTER_NAME}.tls=true" - "traefik.http.routers.${ROUTER_NAME}.tls.certresolver=${CERTIFICATE_RESOLVER}" - "traefik.http.services.${ROUTER_NAME}.loadbalancer.server.port=80" - "traefik.docker.network=${TRAEFIK_NETWORK}" - "traefik.http.routers.${ROUTER_NAME}.middlewares=passbolt-headers@docker" - "traefik.http.middlewares.passbolt-headers.headers.customrequestheaders.X-Forwarded-Proto=https" networks: traefik: name: traefik external: true internal_net: driver: bridge